Guide and Template for IANA Registrations of Enumservices
draft-ietf-enum-enumservices-guide-06

Status of this Memo

By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress.”

The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.

This Internet-Draft will expire on May 17, 2008.

Abstract

This document provides a guide to and template for the creation of new IANA registrations of ENUM (E.164 Number Mapping) services. It is also to be used for updates of existing IANA registrations.

Table of Contents

1.  Introduction

2.  Terminology

3.  Enumservice Creation Cookbook
    3.1.  General Enumservice Considerations
    3.2.  Classification, Name, Type and Subtype
        3.2.1.  Choosing a "name" string
        3.2.2.  Protocol-based Enumservices Class
        3.2.3.  Application-based Enumservices
        3.2.4.  Data/Format Enumservice class

4.  Required Sections and Information
    4.1.  Introduction (MANDATORY)
    4.2.  ENUM Service Registration (MANDATORY)
    4.3.  Examples (MANDATORY)
    4.4.  Implementation Recommendations / Notes (OPTIONAL)
    4.5.  Security Considerations (MANDATORY)
    4.6.  IANA Considerations (MANDATORY)
    4.7.  DNS Considerations (OPTIONAL)
    4.8.  Other Sections (OPTIONAL)

5.  The Process of Registering New Enumservices
    5.1.  Step 1: Read This Document In Detail
    5.2.  Step 2: Submit An Internet-Draft
    5.3.  Step 3: Request Comments from the IETF Community
        5.3.1.  Outcome 1: No Changes Needed
        5.3.2.  Outcome 2: Changes, but no Further Comments Requested
        5.3.3.  Outcome 3: Changes and Further Comments Requested
    5.4.  Step 4: Request Expert Review
        5.4.1.  Outcome 1: Experts Approve Enumservice
        5.4.2.  Outcome 2: Experts Raise Issues, Changes Required
        5.4.3.  Outcome 3: Experts Reject Enumservice
    5.5.  Step 5: Submit for Publication

6.  The Enumservice Expert Selection Process

7.  Enumservice Expert Reviews

8.  Appeals against Expert Review Decisions

9.  Revision of Pre-Existing Enumservice RFCs

10.  Extension of Existing Enumservice RFCs

11.  Security Considerations
    11.1.  Considerations regarding this Document
    11.2.  Enumservice Security Considerations Guideline

12.  IANA Considerations

13.  Acknowledgements

14.  References
    14.1.  Normative References
    14.2.  Informative References

Appendix A.  XML2RFC Template for Enumservice Registration

Appendix B.  Changes

Appendix C.  Open Issues

§  Authors' Addresses
§  Intellectual Property and Copyright Statements

1.  Introduction

This document provides a guide to and template for the creation of new IANA registrations of Enumservices. This document aims to enhance section 3 of RFC 3761 (Faltstrom, P. and M. Mealling, “The E.164 to Uniform Resource Identifiers (URI) Dynamic Delegation Discovery System (DDDS) Application (ENUM),” April 2004.) [RFC3761], where the registration procedure for Enumservices was initially documented at a high level. However, the IETF's ENUM Working Group has encountered an unnecessary amount of variation in the format of Enumservice drafts presented to the group. The ENUM Working Group's view of what particular fields and information are required and/or recommended has also evolved, and capturing these best current practices is helpful in both the creation of new registrations, as well as the revision or refinement of existing registrations.

This document also aims at providing a registration process which is more detached from the existance of the ENUM working group.

For the purpose of this document, 'registration document' and 'registration' refer to an Internet-Draft proposing the IANA registration of an Enumservice following the procedures outlined herein.

2.  Terminology

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 (Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” March 1997.) [RFC2119].

3.  Enumservice Creation Cookbook

3.1.  General Enumservice Considerations

ENUM is an extremely flexible identifier mapping mechanism, using E.164 (phone) numbers as input identifiers, and returning URIs as output identifiers. Because of this flexibility, almost every use case for ENUM could be implemented in several ways. Because of the huge size of the Enumservice identifier namespace (up to 32 alphanumeric characters for type and subtype field each), it is very tempting to register a new Enumservice for each new use case. However, this would obviously reduce interopability, and increase confusion among implementors. Also, the space in the protocol on which ENUM is based on (namely DNS packets) is rather scarce compared to the huge identifier space that Enumservice typing provides.

Generally, before commencing work on a new Enumservice registration, the following should be considered:

• Is there an existing Enumservice which could fulfill the desired functionality without overloading it? Check the IANA Enumservice registrations on <http://www.iana.org/assignments/enum-services>.
  
  
• Is there work in progress on a similar Enumservice? Check the <enum@ietf.org> mailing list archives on <http://www.ietf.org/mail-archive/web/enum/index.html>, and the Internet-Drafts Archive on <http://tools.ietf.org/wg/enum/>.
• Section 3.2 (Classification, Name, Type and Subtype) provides three general categories for Enumservice classification. In some cases, there might be several options for designing an Enumservice. For example, a mapping service using HTTP could be considered a "protocol type" Enumservice (using HTTP as the protocol), while it could also be viewed as an "application type" Enumservice, with the application being access to maps. In such a case where several options are available, defining use cases before commencing work on the Enumservice itself might be useful before making a decision on whether the "protocol" or the "application" aspect of the Enumservice is more important.

3.2.  Classification, Name, Type and Subtype

Because of its flexibility, Enumservices can be and are used in a lot of different ways. This section contains a classification of Enumservices, and provides guidance for choosing suitable 'type' and 'subtype' strings for each individual Enumservice class. The choice of a suitable 'name' is independent of the classification.

3.2.1.  Choosing a "name" string

Advice for choosing a proper 'name' string is indepent of the classificaton of the Enumservice.

Generally, the 'name' string used for registering an Enumservice SHOULD give a clear indication of what the Enumservice is about. The 'name' has no technical significance in the processing of the NAPTR (it doesn't even appear in resource record instances of the Enumservice). However, it is likely to be used for labeling the Enumservice to end users.

Suitable 'names' are concise, distinctive, and clearly related to the underlying service that a client is going to interact with.

3.2.2.  Protocol-based Enumservices Class

Such an Enumservice indicates that an interaction using the named protocol will result for use of this NAPTR. The expected behavior of a system using this Enumservice MUST be clear from the protocol.

A good indication that an Enumservice belongs to this class is the fact that a client does not need to understand the actual application to make use of an instance of this Enumservice.

3.2.2.1.  Protocol-based Enumservice "type" strings

A protocol-based Enumservice SHOULD use the name of the protocol (or the "base" URI scheme, where there are also secure variants) as its 'type' name.

3.2.2.2.  Protocol-based Enumservice "subtype" strings

Where there is a single URI scheme associated with this protocol, then the Enumservice SHOULD NOT use a subtype.

Where a protocol is associated with a number of different URI schemes, the registration SHOULD define which of these is the default ("base") URI scheme, and register the empty subtype for use with this default scheme only. The only exception to this is the case where a secure variant of the "base" URI scheme exists. Such an URI scheme MAY also be used with the empty subtype string.

The Enumservice registration SHOULD define subtypes for each of the non-default URI schemes with which it can be associated. The use of the URI schema name as subtype string is RECOMMENDED.

Where a NAPTR includes the default URI scheme, the Enumservice without a subtype SHOULD be used. Where a non-default scheme is used, the Enumservice variant with type and respective sub-type SHOULD be used.

3.2.3.  Application-based Enumservices

Application-based Enumservices are used when the kind of service intended is not fully defined by a protocol specification. There are three cases here:

• Common Application Enumservice:
  
  The application reflects a kind of interaction that can be realized by different protocols, but where the intent of the publisher is the same. From a user's perspective, there is a common kind of interaction - how that interaction is implemented is not important. The Enumservice registration MUST describe the interaction and expected behavior in enough detail that an implementation can decide if this activity is one in which it can engage. However, it is RECOMMENDED that the Enumservice is defined in a way that will allow others to use it at a later date. An Enumservice that defines a generalized application is preferred to one that has narrow use.
  
  An example of this flavors of Enumservice is email. Whilst this might appear to be a "pure" protocol scheme, it is not. The URI scheme is mailto:, and does not identify the protocol used by the sender or the recipient to offer or retrieve emails.
  
  Another example is sms, where the presence of such an Enumservice indicates that the publishing entity is capable of engaging in sending or receiving a message according to the Short Messaging Service specifications. The underlying protocol used and the URI-scheme for the addressable end point can differ, but the "user visible" interaction of sending and receiving an SMS is similar.
  
  
• Subset Enumservice:
  
  The application interaction reflects a subset of the interactions possible by use of a protocol. Use of this Enumservice indicates that some options available by use of the protocol will not be accepted or are not possible in this case. Any such Enumservice registration MUST define the options available by use of this NAPTR in enough detail that an implementation can decide whether or not it can use this Enumservice. Examples of this kind of Enumservice are voice:tel and fax:tel. In both cases the URI holds a telephone number. However, the essential feature of these Enumservices is that the telephone number is capable of receiving a voice call or of receiving a Facsimile transmission, respectively. These form subsets of the interactions capable of using the telephone number, and so have their own Enumservices. These allow an end point to decide if it has the appropriate capability of engaging in the advertised user service (a voice call or sending a fax) rather than just being capable of making a connection to such a destination address. This is especially important where there is no underlying mechanism within the protocol to negotiate a different kind of user interaction.
• Ancillary Application Enumservice
  
  Another variant on this is the Ancillary Application. This is one in which further processing (potentially using a number of different protocols or methods) is the intended result of using this Enumservice. An example of this kind of application is the PSTN:tel Enumservice. This indicates that the NAPTR holds Number Portability data. It implies that the client should engage in number portability processing using the associated URI. Note that this Enumservice usually does not itself define the kind of interaction available using the associated URI. That application is negotiated with some other "out of band" means (either through prior negotiation, or explicitly through the number portability process, or through negotiation following the selection of the final destination address).

3.2.3.1.  Application-based Enumservice "type" strings

It is RECOMMENDED that Application-class Enumservices use the well known name of the abstract application as "type" name.

3.2.3.2.  Application-based Enumservice "subtype" strings

It is RECOMMENDED to use the URI scheme(s) that the application uses as "subtype" names. Subtype names SHOULD be shared only between URI schemes that correspond to the "base" URI scheme of a protocol and the secure variant of the same protocol.

If there is only one URI scheme used for the application, the empty "subtype" string MAY be used.

3.2.4.  Data/Format Enumservice class

"Data Format" Enumservices typically refer to a specific data type or format, which may be addressed using one or more URI schemes and protocols. It is RECOMMENDED to use a well known name of the data type / format as the Enumservice 'type'. An example of such an Enumservice is 'vpim' (RFC 4238) (Vaudreuil, G., “Voice Message Routing Service,” October 2005.) [RFC4238] and 'vCard' (RFC 4969) (Mayrhofer, A., “IANA Registration for vCard Enumservice,” August 2007.) [RFC4969] (work in progress).

3.2.4.1.  Data/Format-based Enumservice "type" strings

It is RECOMMENDED to use the well known name of the data/format as the 'type' name.

3.2.4.2.  Data/Format based Enumservice "subtype" strings

It is RECOMMENDED to use the URI schemes used to access the service as 'subtype' name. Subtype names SHOULD be shared only between URI schemes that correspond to the "base" URI scheme of a protocol and its secure variant.

If there is only one URI scheme foreseen to access the data/format, the empty "subtype" string MAY be used.

4.  Required Sections and Information

In addition to the typical sections required for an RFC as outlined in RFC 2223bis (Reynolds, J. and R. Braden, “Instructions to Request for Comments (RFC) Authors,” July 2004.) [I‑D.rfc‑editor‑rfc2223bis] (Instructions to RFC Authors), there are several sections which MUST appear in an IANA Registration for an Enumservice. These sections are, as follows, and SHOULD be in the same order.

Appendix A (XML2RFC Template for Enumservice Registration) contains a template which can be used to create Internet Drafts and RFC by means described on <http://xml.resource.org/>. This template contains a prototype for most of these sections.

4.1.  Introduction (MANDATORY)

An introductory section MUST be included. This section will explain, in plain English, the purpose of and intended usage of the proposed Enumservice registration.

The Introduction SHOULD start with a short sentence about ENUM, introduce the protocol used in the Enumservice, and discuss the Enumservice as it refers from the E.164 number to the protocol or service.

4.2.  ENUM Service Registration (MANDATORY)

This section MUST be included in an Enumservice registration. In addition, where a given registration type has multiple subtypes, there MUST be a separate registration section for each subtype. The following lists the sections and order of an Enumservice Registration section. All types and subtypes SHOULD be listed in lower-case.

Enumservice Class:

This section contains the class of the Enumservice as defined in Section 3.2 (Classification, Name, Type and Subtype).

e.g. "Application-based Enumservice"

Enumservice Name:

A short word or stub sentence describing this Enumservice. Often this is equivalent to the Enumservice Type (see below), however, capitalization may be different from it.

e.g. "Foo"

Enumservice Type:

The type of the Enumservice. Often this is equivalent to the Enumservice Name (see above).

e.g. "foo"

Enumservice Subtype:

The Subtype of the Enumservice.

e.g. "bar"

Many Enumservices do not require a subtype; use "N/A" in this case.

URI Schemes:

The URI Schemes, which are used with the Enumservice.

e.g. "bar:", "sbar:"

A URI scheme often matches the subtype (see above). Multiple URI schemes can be listed here if they are used for the same subtype, and provide almost identical functionality.

Note well that a client cannot choose a specific ENUM record in a record set based on the URI scheme - the selection is only based on 'type' and 'subtype'.

Functional Specification:

e.g. This Enumservice indicates that the remote resource identified can be addressed by the associated URI scheme in order to foo the bar.

Security Considerations:

An internal reference to the 'Security Considerations' section of a given registration document.

e.g. "see Section 10"

Intended Usage:

One of "COMMON", "LIMITED USE" or "OBSOLETE", as defined in RFC 3761 (Faltstrom, P. and M. Mealling, “The E.164 to Uniform Resource Identifiers (URI) Dynamic Delegation Discovery System (DDDS) Application (ENUM),” April 2004.) [RFC3761]

e.g. "COMMON"

Author(s):

The author(s) of the Enumservice registration.

e.g. John Doe <john.doe@example.com>

Any other information the author(s) deem(s) interesting:

e.g. None

4.3.  Examples (MANDATORY)

This section MUST show one or more example(s) of the Enumservice registration, for illustrative purposes. The example(s) shall in no way limit the various forms that a given Enumservice may take, and this should be noted at the beginning of this section of the document. The example(s) MUST show the specific formatting of the intended NAPTRs RFC 3403 (Mealling, M., “Dynamic Delegation Discovery System (DDDS) Part Three: The Domain Name System (DNS) Database,” October 2002.) [RFC3403], including one or more NAPTR example(s), AND a brief textual description, consisting of one or more sentences written in plain English, explaining the various parts or attributes of the record(s).

The example(s) SHOULD contain a brief description how a client supporting this Enumservice could behave, if that description was not already given in e.g. the Introduction.

e.g.

$ORIGIN 9.7.8.0.9.7.8.9.0.9.4.4.e164.arpa.
@ IN NAPTR 100 10 "u" "E2U+foo:bar" "!^.*$!bar://example.com/!" .

4.4.  Implementation Recommendations / Notes (OPTIONAL)

If at all possible, recommendations that pertain to implementation and/or operations SHOULD be included. Such a section is helpful to someone reading a registration and trying to understand how best to use it to support their network or service.

4.5.  Security Considerations (MANDATORY)

A section explaining any potential security threats that are unique to the given registration MUST be included. This MUST also include any information about access to Personally Identifiable Information (PII).

However, this section is not intended as a general security Best Current Practices (BCP) document and therefore it should not include general and obvious security recommendations, such as securing servers with strong password authentication.

4.6.  IANA Considerations (MANDATORY)

Describe the task IANA needs to fulfill processing the Enumservice registration document.

e.g. This memo requests registration of the "foo" Enumservice with the subtype "bar" according to the definitions in this document and RFC 3761 (Faltstrom, P. and M. Mealling, “The E.164 to Uniform Resource Identifiers (URI) Dynamic Delegation Discovery System (DDDS) Application (ENUM),” April 2004.) [RFC3761].

4.7.  DNS Considerations (OPTIONAL)

In case the inclusion of protocols and URI schemes into ENUM specifically introduces new DNS issues, those MUST be described within this section.

Such DNS issues include, but are not limited to:

• Assumptions about the namespace below the owner of the respective NAPTR RRSet.
  
  
• Demand to use DNS wildcards.
  
  
• Incompatibility with DNS wildcards.
  
  
• presence or absence of the respective NAPTR RRSet at particular levels in the DNS hierarchy (e.g. only for 'full' E.164 numbers, or number blocks only).
  
  
• use of any RRs (especially non-NAPTR) within or beyond the e164.arpa namespace other than those needed to resolve the domain names that appear in the 'replacement' URI.

Rationale: some ENUM services try to exploit side effects of the DNS that need to be explicitly discussed.

4.8.  Other Sections (OPTIONAL)

Other sections, beyond those required by the IETF and/or IANA, which are cited or otherwise referenced here, MAY be included in an Enumservice registration. These sections may relate to the specifics of the intended usage of the Enumservice registration and associated technical, operational, or administrative concerns.

5.  The Process of Registering New Enumservices

This section describes the process by which someone shall submit a new Enumservice for review and comment, how such proposed Enumservices shall be reviewed, and how they shall be published.

The following Figure 1 depicts an overview on the ENUM service registration process:

                     +--------------------+
                     |       Step 1:      |
                     | Read this document |
                     +--------------------+
                               V
                    +----------------------+
                    |          Step 2:     |
                    | Write I-D and submit |
                    +----------------------+
                               V
            +--------------------------------------+
            |                Step 3:               |<------+- - - -+
            | Announce I-D to and solicit feedback |       |       |
            +--------------------------------------+       |
                               |                           |       |
                               V                           |
                              .^.                          |       |
                            .     .                        |
+------------+            .  Feed-  .               +------------+ |
| Update I-D |<---------<    back     >------------>| Update I-D |
| and submit |  non-sub-  . results .   substantial | and submit | |
+------------+  stantial    . in: .     changes     +------------+
      |         changes       . .       needed                     |
      |         needed         Y
      |                        | no changes needed                 |
      |                        V
      |             +-----------------------+                      |
      +------------>|       Step 4:         |<-------------+
                    | Request Expert Review |              |       |
                    +-----------------------+              |
                               |                           |       |
                               V                           |
                              .^.                          |       |
                            .     .                        |
 +---------+              .  Expert .               +------------+ |
 | Appeal- |<-----------<    review   >------------>| Update I-D |-+
 | process |  rejection   . results .   issues      | and submit |
 +---------+  by expert(s)  . in: .     raised by   +------------+
                              . .       expert(s)
                               Y
                               | approval by expert(s)
                               V
               +-----------------------------+
               |            Step 5:          |
               | Submit I-D for publication |
               +-----------------------------+

5.1.  Step 1: Read This Document In Detail

This document describes all of the necessary sections required and recommended, makes suggestions on content, and provides sample XML.

5.2.  Step 2: Submit An Internet-Draft

An Internet-Draft shall be submitted in accordance with RFC 2026 (Bradner, S., “The Internet Standards Process -- Revision 3,” October 1996.) [RFC2026] and RFC 2223bis (Reynolds, J. and R. Braden, “Instructions to Request for Comments (RFC) Authors,” July 2004.) [I‑D.rfc‑editor‑rfc2223bis], as well as RFC 3761 (Faltstrom, P. and M. Mealling, “The E.164 to Uniform Resource Identifiers (URI) Dynamic Delegation Discovery System (DDDS) Application (ENUM),” April 2004.) [RFC3761], and any other documents applicable to the Internet-Draft process. This Internet-Draft may be submitted as an "Individual Submission".

5.3.  Step 3: Request Comments from the IETF Community

After the Internet-Draft has been published, the author(s) shall send an email to <enum@ietf.org>, in which comments on the Internet-Draft are requested.

Suggested Format of Announcement:

To: enum@ietf.org

Subject: Comments on <I-D Name Here>

The author is requesting comments and feedback from the ENUM and IETF communities on the I-D listed below.

The I-D is available at: <INSERT URL to I-D ON IETF WEB SITE HERE>

Abstract of the I-D:

<INSERT I-D ABSTRACT HERE>

The author(s) should allow a reasonable period of time to elapse, such as two to four weeks, in order to collect any feedback. The author(s) shall then consider whether or not to take any of those comments into account, by making changes to the Internet-Draft and submitting a revision to the I-D editor, or otherwise proceeding. The following outcomes are the ways the author(s) shall proceed, and it is up to the authors' judgement as to which one to choose.

5.3.1.  Outcome 1: No Changes Needed

No changes to the draft are made, and the author(s) proceed(s) to Step 4 below.

This outcome is recommended when the feedback received does not lead to a new revision of the Internet-Draft.

5.3.2.  Outcome 2: Changes, but no Further Comments Requested

The author(s) update(s) the Internet-Draft and is/are confident that all issues are resolved and do not require further discussion. The author(s) proceed(s) to Step 4 below.

This outcome is recommended when minor objections have been raised, or minor changes have been suggested.

5.3.3.  Outcome 3: Changes and Further Comments Requested

The author(s) update(s) the Internet-Draft, and proceed(s) to Step 3 above, which involves sending another email to <enum@ietf.org> to request additional comments for the updated version.

This outcome is recommended when substantial objections have been raised, or substantial changes have been suggested.

5.4.  Step 4: Request Expert Review

In this step, the author(s) send(s) an email to the ENUM expert review panel at <enumservice-expert-review@ietf.org>. The Enumservice Expert Review Process shall then be followed to conclusion. A later section of this document describes how expert reviewers are selected (Section 6 (The Enumservice Expert Selection Process)) and how the process of expert reviews takes place Section 7 (Enumservice Expert Reviews).

5.4.1.  Outcome 1: Experts Approve Enumservice

In this case, the proposed Enumservice has been endorsed and approved by the experts, and the Internet-Draft proceeds to Step 5 below.

5.4.2.  Outcome 2: Experts Raise Issues, Changes Required

The experts raise issues that prevent approval of the proposed Enumservice. If they believe that, with changes, the proposed Enumservice will be approved, then they may recommend that the author(s) make changes and submit the draft again. Depending on the nature of the changes the Internet-Draft proceeds either to Step 4 or to Step 3 above, which both involve update of the Internet-Draft and request additional review and/or comments for the updated version.

5.4.3.  Outcome 3: Experts Reject Enumservice

The experts raise issues that result in rejection of the proposed Enumservice. If they believe that, even with changes, the proposed Enumservice will not be approved, the process normally terminates. However, if the author(s) disagrees(s) with this judgement, he has the possibility to to appeal. In that case, the appeal process is initiated according to Section 8 (Appeals against Expert Review Decisions).

5.5.  Step 5: Submit for Publication

The Internet-Draft is submitted to be published as an RFC. The IETF publication process includes IANA actions such as adding the service to the IANA Enumservice registry. According to RFC 3761 (Faltstrom, P. and M. Mealling, “The E.164 to Uniform Resource Identifiers (URI) Dynamic Delegation Discovery System (DDDS) Application (ENUM),” April 2004.) [RFC3761] an Enumservice description can be published as either a Standards Track, Best Current Practice (BCP), or Experimental RFC.

6.  The Enumservice Expert Selection Process

According to Section 3.2 of [I‑D.narten‑iana‑considerations‑rfc2434bis] (Narten, T. and H. Alvestrand, “Guidelines for Writing an IANA Considerations Section in RFCs,” March 2008.), experts are appointed by the IESG upon recommendation by the RAI Area Directors. The RAI area directors are responsible that there is always a sufficient amount of experts available.

7.  Enumservice Expert Reviews

Generally, the expert review process of an Enumservice MUST follow the guidelines documented in section 3.3 of [I‑D.narten‑iana‑considerations‑rfc2434bis] (Narten, T. and H. Alvestrand, “Guidelines for Writing an IANA Considerations Section in RFCs,” March 2008.).

The expert SHOULD evaluate the criteria as set out in the draft mentioned above, as well as consider the following:

• Verify conformance with the ENUM specification (RFC 3761).
• Verify that the requirements set in this document (Section 4 (Required Sections and Information)) are met. This includes check for completeness and whether all the aspects described in Section 4 (Required Sections and Information) are sufficiently addressed.
• If a use case is given by the author of the proposal (which is RECOMMENDED), the expert SHOULD verify whether the proposed Enumservice does actually fulfill the use case, and whether the use case could be covered by an already existing Enumservice.
• Verify that the Enumservice proposed cannot be confused with identical (or similar) other Enumservices already registered.
• If the Enumservice is classified according to Section 3.2 (Classification, Name, Type and Subtype), the expert MUST verify that the principles of the class in question are followed.
• In case the Enumservice is not classified, the expert MUST verify whether a convincing reason for the deviation is documented in the registration proposal.
• Investigate whether the proposed Enumservice has any negative side effects on existing clients and infrastructure.
• If the output of processing an Enumservice may be used for input to more ENUM processing (especially services returning 'tel' URIs), the expert SHOULD verify that the author has adequately addressed the issue of potential query loops.

8.  Appeals against Expert Review Decisions

Appeals follow the normal IETF appeal process as described in section 7 of [I‑D.narten‑iana‑considerations‑rfc2434bis] (Narten, T. and H. Alvestrand, “Guidelines for Writing an IANA Considerations Section in RFCs,” March 2008.) and section 6.5 of RFC 2026 (Bradner, S., “The Internet Standards Process -- Revision 3,” October 1996.) [RFC2026]

9.  Revision of Pre-Existing Enumservice RFCs

Several Enumservice registrations, published via IETF RFCs, already exist at the time of the development of this document. The authors recommend that these existing registration documents SHOULD be reviewed and, where necessary and appropriate, MAY be revised in accordance with the recommendations contained herein. All future Enumservice registrations SHOULD follow the recommendations contained herein, where practical and applicable.

10.  Extension of Existing Enumservice RFCs

There are cases, where it is more sensible to extend an existing Enumservice registrations rather than proposing a new one. Such cases include adding a new subtype to an existing type. Depending on the nature of the extension, the original registration document needs to be extended (updates) or replaced (obsoletes) [I‑D.rfc‑editor‑rfc2223bis] (Reynolds, J. and R. Braden, “Instructions to Request for Comments (RFC) Authors,” July 2004.).

11.  Security Considerations

11.1.  Considerations regarding this Document

Since this document does not introduce any technology or protocol, there are no security issues to be considered for this memo itself.

11.2.  Enumservice Security Considerations Guideline

Section 6 of RFC 3761 already outlines security considerations affecting ENUM as a whole. Enumservice registration documents do not need and SHOULD NOT repeat considerations already listed there, but they SHOULD include a reference to that section.

ENUM refers to resources using preexisting URI schemes and protocols. Enumservice registration documents do not need and SHOULD NOT repeat security considerations affecting those protocols and URI schemes itself.

However, in case that the inclusion of those protocols and URI schemes into ENUM specifically introduces new security issues, those issues MUST be lined out in the 'Security Considerations' section of the registration document.

12.  IANA Considerations

This document itself does not define a new protocol, and therefore has no considerations for IANA. However, it contains a proposal for the 'IANA Considerations' section of actual Enumservice registration documents in Appendix A (XML2RFC Template for Enumservice Registration).

Note: Section 4.2 (ENUM Service Registration (MANDATORY)) is just an example of an Enumservice registration. The Enumservice "foo" outlined there MUST NOT be registered by IANA unless this memo is to be published on April 1st.

13.  Acknowledgements

Lawrence Conroy provided extensive text for the Enumservice Classification section. The authors also wish to thank Peter Koch for his contribution to this document.

14.  References

14.1. Normative References

14.2. Informative References

Appendix A.  XML2RFC Template for Enumservice Registration

<?xml version='1.0' ?>
<!DOCTYPE rfc SYSTEM 'rfc2629.dtd'>
<rfc ipr='full3978' docName='draft-mysurname-enum-foo-service-00' >
<?rfc toc='yes' ?>
<?rfc tocompact='no' ?>
<?rfc compact='yes' ?>
<?rfc subcompact='yes' ?>

<front>

  <title abbrev='Foo Enumservice'>
    IANA Registration for Enumservice Foo
  </title>

  <author initials='MyI.' surname='MySurname'
          fullname='MyName MySurname'>
    <organization abbrev='MyOrg'>
      MyOrganization
    </organization>
    <address>
      <postal>
        <street>MyAddress</street>
        <city>MyCity</city>
        <code>MyZIP</code>
        <country>MyCountry</country>
      </postal>
      <phone>Myphonenumber</phone>
      <email>MyEmailAddress</email>
      <uri>MyWebpage</uri>
    </address>
  </author>

  <date month='ThisMonth' year='ThisYear' day='ThisDay'/>
  <area>RAI</area>
<workgroup>ENUM -- Telephone Number Mapping Working Group</workgroup>
  <keyword>ENUM</keyword>
  <keyword>foo</keyword>
  <keyword>bar</keyword>

  <abstract>

    <t>This memo registers the Enumservice "foo" with subtype "bar"
       using the URI scheme "bar".
       This Enumservice is to be used to refer from an ENUM domain
       name to the foobar of the entity using the corresponding
       E.164 number.
    </t>

    <t>A Client can use information gathered from a record using
    this Enumservice to foo the bar.
    </t>

  </abstract>

</front>


<middle>

  <section anchor='intro' title='Introduction'>

    <t><xref target='RFC3761'>E.164 Number Mapping (ENUM)</xref>
       uses the <xref target='RFC1035'>Domain Name System
       (DNS)</xref> to refer from <xref target='refs.E164'>E.164
       numbers</xref> to <xref target='RFC3986'>Uniform Resource
       Identifiers (URIs)</xref>.
    </t>

    <t>To distinguish between different services for a single E.164
       number, section 2.4.2 of RFC 3761 specifies 'Enumservices',
       which are to be registered with IANA according to section 3
       of RFC 3761 and <xref target='RFCXXXX'>RFC XXXX</xref>.
    </t>

    <t>The 'foo' protocol is specified in ... and provides ...
    </t>

    <t>The Enumservice specified in this document refers from an
       E.164 number to a foobar ... Clients use those foobars to foo
       the bar.
    </t>

  </section>

  <section anchor='terminology' title='Terminology'>

    <t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL",
       "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
       "OPTIONAL" in this document are to be interpreted as described
       in <xref target='RFC2119'>RFC 2119</xref>.
    </t>

  </section>

  <section anchor='reg' title='ENUM Service Registration - foo'>

    <t>Enumservice Class: "Barfoo-based Enumservice"</t>

    <t>Enumservice Name: "foo"</t>

    <t>Enumservice Type: "foo"</t>

    <t>Enumservice Subtypes: "bar"</t> <!-- Use N/A if none -->

    <t>URI Schemes: "bar"</t>

    <t>Functional Specification:

      <list style='empty'>

        <t>This Enumservice indicates that the resource identified is
           a foobar ...
        </t>

      </list>

    </t>

    <t>Security Considerations: see <xref target='sec'/></t>

    <t>Intended Usage: COMMON</t>

    <t>Author(s): MyName MySurname, &lt;myEmail&gt;</t>

    <t>Any other information the author(s) deem(s) interesting:
       None
    </t>

  </section>

  <section anchor='examples' title='Examples'>

    <t>An example ENUM record referencing to "foo" could look like:

    <list style='empty'>

      <vspace blankLines='1'/>

      <t>$ORIGIN 9.7.8.0.9.7.8.9.0.9.4.4.e164.arpa.

         <vspace blankLines='0'/>

      @ IN NAPTR 50 10 "u" "E2U+foo:bar" "!^.*$!bar://example.com/!" .

      </t>

      <t>...
      </t>

    </list>

    </t>
  </section>

  <section anchor='impl' title='Implementation Recommendations'>

    <t>Implementers should consider that fooing the bar...
    </t>

  </section>

  <section anchor='sec' title='Security Considerations'>
        <t>As with any Enumservice, the security considerations of ENUM
        itself (Section 6 of RFC 3761) apply.
        </t>
        <section anchor='secrecord' title='The ENUM Record Itself'>
        <t>Since ENUM uses DNS - a publicly available database -
        any information contained in records provisioned in ENUM
        domains must be considered public as well. Even after revoking
        the DNS entry and removing the referred resource, copies of the
        information could still be available. </t>
        <t>
        Information published in ENUM records could reveal associations
        between E.164 numbers and their owners - especially if URIs
        contain personal identifiers or domain names for which
        ownership information can be obtained easily.
        For example, the following URI makes it easy to guess
        the owner of an E.164 number as well as his location and
        association by just examining the result from the ENUM lookup:
        <vspace blankLines='1'/>
        <list>
        <t>http://sandiego.company.example.com/joe-william-user.vcf</t>
        </list>
        </t>
        <t>However, it is important to note that the ENUM record itself
        does not need to contain any personal information. It just
        points to a location where access to personal information could
        be granted.  For example, the following URI only reveals the
        service provider hosting the vCard (who probably even provides
        anonymous hosting):
        <vspace blankLines='1'/>
        <list>
          <t>http://anonhoster.example.org/file_adfa001.vcf</t>
        </list>
        </t>
        <t>ENUM records pointing
        to third party resources can easily be provisioned on purpose
        by the ENUM domain owner - so any assumption
        about the association between a number and an entity could
        therefore be completely bogus unless some kind of identity
        verification is in place. This verification is out of scope for
        this memo.</t>
        </section>
        <section anchor='secresource' title='The Resource Identified'>
        <t>
        Users MUST therefore carefully consider information they
        provide in the resource identified by the
        ENUM record as well as in the record itself.
        Considerations could include serving information only to
        entities of the user's choice and/or limiting the comprehension
        of the information provided based on the identity of the
        requester.</t>
        <t>(modify as appropriate - more about the specific
        resource here)</t>
  </section>

  <section anchor='iana' title='IANA Considerations'>

    <t>This memo requests registration of the "foo" Enumservice
       with the subtype "bar" according to the template in
       <xref section='reg'> of this
       document and <xref target='RFC3761'>RFC 3761</xref>.
    </t>

    <t>...
    </t>

  </section>

  <section anchor='dns' title='DNS Considerations'>

    <t>This Enumservices does not introduce any
    new considerations for the DNS.
    </t>

    <t>...
    </t>

  </section>

</middle>

<back>

  <references title='Normative References'>

    <?rfc include="reference.RFC.2119" ?>
    <?rfc include="reference.RFC.3761" ?>
    <?rfc include="reference.RFC.1035" ?>

  </references>

  <references title='Informative References'>

    <reference anchor='refs.E164'>
      <front>
        <title abbrev='E.164 (02/05)'>The international public
        telecommunication numbering plan</title>
        <author initials='' surname='' fullname=''>
          <organization abbrev='ITU-T'>ITU-T</organization>
        </author>
        <date month='Feb' year='2005'/>
      </front>
      <seriesInfo name='Recommendation' value='E.164 (02/05)'/>
    </reference>

  </references>

</back>

</rfc>

Appendix B.  Changes

[RFC Editor: This section is to be removed before publication]

draft-ietf-enum-enumservices-guide-06:

• bernie: Moved Terminology section in Template (now after Introduction)
• bernie: Class is now part of the Enumservice registration and template
• bernie: Individual Submission realaxed (comment Peter Koch)
• bernie: updated vcard Ref (now RFC)

draft-ietf-enum-enumservices-guide-05:

• bernie/alex: added text for sections 'The Enumservice Expert Selection Process' and 'The Process for Appealing Expert Review Decisions'
• bernie: added ASCII-art figure for registration process
• bernie: adjusted registration process
• jason: proposed registration process

draft-ietf-enum-enumservices-guide-04:

• bernie: added section about Extension of existing Enumservice RFCs
• bernie: added open issue about future registration process
• bernie: added category (bcp)
• bernie: clean up in Security considerations
• bernie: editorial stuff (mainly XML issues)

draft-ietf-enum-enumservices-guide-03:

• alex: moved terminology section
• alex: removed note asking for feedback
• bernie: added DNS consideration section
• bernie: added Acknowledgments section
• bernie: editorial stuff (nicer formating, fixing too long lines)
• alex: added security considerations from vcard draft.

draft-ietf-enum-enumservices-guide-02:

• bernie: replaced numbers in examples by "Drama Numbers"
• bernie: moved Change and Open Issues to Appendix.
• bernie: major rewrite of section "6. Required Sections and Information" incl. separating explanations and examples.
• bernie: removed section 7 (was just a repetition of referencing to template)
• bernie: extended Appendix with Open Issues.

draft-ietf-enum-enumservices-guide-01:

• alex: added Security Considerations section for the doc itself
• alex: added IANA Considerations section for the doc itself
• alex: added cookbook idea

Appendix C.  Open Issues

[RFC Editor: This section should be empty before publication]

• Clarify the role of the expert(s) and the requirements that apply for reviewing Enumservice registrations
• Clarify what Process applies after Expert Review (before publication)
• Check whether alignment with RFC3761bis is needed (e.g. Enumservice class)
• Clarify IANA impact of this document.
• URL for template, so that it can be fetched without header-/footer-lines of RFC.

Authors' Addresses

Full Copyright Statement

Copyright © The IETF Trust (2007).

This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.

This document and the information contained herein are provided on an “AS IS” basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Intellectual Property

The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.

Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.

The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.